Binding to AD during Imaging

HelpDeskWarrior
New Contributor II

I am a newbie to both Casper and Macs in general and am trying to create my Casper image workflows but I have hit an issue with AD binding (I require joining all Macs to a Windows network).

In Casper Admin there is an item called 'AD' of the type 'Built-In AD' that is un-configurable and I can't find it in the JSS at all. Either way whatever it is (it may have been created by or Jumpstart trainer) it is not binding AD during the imaging process.

I have also looked through policies to see where I might bind AD and it doesn't seem obvious to me what I might set. I have done quite a bit of research and am at the point of needing some technical direction. Please assume I'm a rank beginner with this stuff...because I am!

Thanks :)

2 ACCEPTED SOLUTIONS

plawrence
Contributor II

@HelpDeskWarrior Hi Rob

In the JSS web page go to Computers -> Management Settings -> Computer Management -> Directory Bindings. You should be able to see the configured AD binding in there. I'd also suggest checking the /var/log/jamf.log on an imaged machine, or even the Imaging log in the JSS for a device to see what the error is when the binding is attempted.

View solution in original post

bentoms
Release Candidate Programs Tester

@HelpDeskWarrior As @plawrence says, check the log... the where is important, as in where in the imaging process is the binding being attempted?

We do ours post imaging AFTER setting the time, if you try at run the binding when the client is netbooted it will fail.

FWIW, my workflow is: here.

View solution in original post

6 REPLIES 6

plawrence
Contributor II

@HelpDeskWarrior Hi Rob

In the JSS web page go to Computers -> Management Settings -> Computer Management -> Directory Bindings. You should be able to see the configured AD binding in there. I'd also suggest checking the /var/log/jamf.log on an imaged machine, or even the Imaging log in the JSS for a device to see what the error is when the binding is attempted.

bentoms
Release Candidate Programs Tester

@HelpDeskWarrior As @plawrence says, check the log... the where is important, as in where in the imaging process is the binding being attempted?

We do ours post imaging AFTER setting the time, if you try at run the binding when the client is netbooted it will fail.

FWIW, my workflow is: here.

RogerH
Contributor II

@HelpDeskWarrior If you are using a thunderbolt to ethernet adapter the bind will always fail.This is a known issue and has to due with Apple and not JAMF. I do mine post imaging as @bentoms suggests.

Aziz
Valued Contributor

@RogerUL

This has worked perfectly for me for imaging laptops. I have it run as a first run, reboot script.

#CHECK TO SEE IF IMAGING LAPTOP
#This checks for Thunderbolt or USB over Ethrnet.

#!/bin/sh
# Checks to see if the Mac is either a MacBook Pro Retina or MacBook Air
# If it's either of these machines, the script will then check for External Network Adapters
# If either adapter is present, it will add the adapter to network services
# Resolves the annoying issue with USB & Thunderbolt Ethernet adapters with Casper Imaging

mbpr=`system_profiler SPHardwareDataType | awk '/Model Identifier/{print $3}' | cut -f1 -d ","`
mba=`system_profiler SPHardwareDataType | awk '/Model Identifier/{print $3}' | cut -c-10`
usbAdapter=`/usr/sbin/networksetup -listallhardwareports | grep "Hardware Port: USB Ethernet"`
tbAdapter=`/usr/sbin/networksetup -listallhardwareports | grep "Hardware Port: Thunderbolt Ethernet"`

/usr/sbin/networksetup -detectnewhardware

if [[ $mbpr = "MacBookPro10" ]] || [[ $mbpr = "MacBookPro11" ]] || [[ $mbpr = "MacBookPro12" ]]|| [[ $mbpr = "MacBookPro13" ]]|| [[ $mbpr = "MacBookPro14" ]]|| [[ $mbpr = "MacBookPro15" ]]; then
    if [ "$usbAdapter" != "" ]; then
        /usr/sbin/networksetup -createnetworkservice USB Ethernet 'USB Ethernet'
        echo "USB Ethernet added to Network Services"
    else
        echo "No USB Adapter connected"
    fi
    if [ "$tbAdapter" != "" ]; then
        /usr/sbin/networksetup -createnetworkservice Thunderbolt Ethernet 'Thunderbolt Ethernet'
        echo "Thunderbolt Ethernet added to Network Services"
    else
        echo "No Thunderbolt Adapter connected"
    fi  
elif [ $mba = "MacBookAir" ]; then
    if [ "$usbAdapter" != "" ]; then
        /usr/sbin/networksetup -createnetworkservice USB Ethernet 'USB Ethernet'
        echo "USB Ethernet added to Network Services"
    else
        echo "No USB Adapter connected"
    fi
    if [ "$tbAdapter" != "" ]; then
        /usr/sbin/networksetup -createnetworkservice Thunderbolt Ethernet 'Thunderbolt Ethernet'
        echo "Thunderbolt Ethernet added to Network Services"
    else
        echo "No Thunderbolt Adapter connected"
    fi
else
    echo "This machine does not use external network adapters"    
fi

exit 0

HelpDeskWarrior
New Contributor II

Thanks for all the insights...learning at a logarithmic rate!!

sean
Valued Contributor

@RogerUL I've never seen a fail with binding and adaptors. What OS have you seen this on? Are you using Apple or 3rd party adaptors? Do you use Casper's built-in tool for binding? We only have a few machines that would require an adaptor, but mine is one of them and I'm pretty sure I'd have noticed that one :)